API tools faq
paste
Advertisement
sanca

serv

sanca
Oct 19th, 2020
243
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.40 KB | None | 0 0
raw download clone embed print report
  1. //
  2. // named.conf
  3. //
  4. // Provided by Red Hat bind package to configure the ISC BIND named(8) DNS
  5. // server as a caching only nameserver (as a any DNS resolver only).
  6. //
  7. // See /usr/share/doc/bind*/sample/ for example named configuration files.
  8. //
  9. // See the BIND Administrator's Reference Manual (ARM) for details about the
  10. // configuration located in /usr/share/doc/bind-{version}/Bv9ARM.html
  11.  
  12. options {
  13. listen-on port 53 { any; };
  14. listen-on-v6 port 53 { ::1; };
  15. directory "/var/named";
  16. dump-file "/var/named/data/cache_dump.db";
  17. statistics-file "/var/named/data/named_stats.txt";
  18. memstatistics-file "/var/named/data/named_mem_stats.txt";
  19. recursing-file "/var/named/data/named.recursing";
  20. secroots-file "/var/named/data/named.secroots";
  21. allow-query { any; };
  22. allow-transfer { none; };
  23.  
  24. /*
  25. - If you are building an AUTHORITATIVE DNS server, do NOT enable recursion.
  26. - If you are building a RECURSIVE (caching) DNS server, you need to enable
  27. recursion.
  28. - If your recursive DNS server has a public IP address, you MUST enable access
  29. control to limit queries to your legitimate users. Failing to do so will
  30. cause your server to become part of large scale DNS amplification
  31. attacks. Implementing BCP38 within your network would greatly
  32. reduce such attack surface
  33. */
  34. recursion no;
  35.  
  36. dnssec-enable yes;
  37. dnssec-validation yes;
  38. dnssec-lookasied auto;
  39.  
  40. /* Path to ISC DLV key */
  41. bindkeys-file "/etc/named.root.key";
  42.  
  43. managed-keys-directory "/var/named/dynamic";
  44.  
  45. pid-file "/run/named/named.pid";
  46. session-keyfile "/run/named/session.key";
  47. };
  48.  
  49. logging {
  50. channel default_debug {
  51. file "data/named.run";
  52. severity dynamic;
  53. };
  54. };
  55.  
  56. zone "." IN {
  57. type hint;
  58. file "named.ca";
  59. };
  60.  
  61. include "/etc/named.rfc1912.zones";
  62. include "/etc/named.root.key";
  63.  
  64. zone "ns1.sancaweb.com" {type master;file "/var/named/ns1.sancaweb.com.db";};
  65. zone "ns2.sancaweb.com" {type master;file "/var/named/ns2.sancaweb.com.db";};
  66.  
  67. // zone sancaweb.com
  68. zone "sancaweb.com" {type master; file "/var/named/sancaweb.com.db";};
  69. // zone_end sancaweb.com
  70.  
  71. // zone kopmart.com
  72. zone "kopmart.com" {type master; file "/var/named/kopmart.com.db";};
  73. // zone_end kopmart.com
  74.  
  75.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!